A few weeks ago Splunk attended the Infosec conference in London. It was a busy event full of great security gurus on a mission to protect their environment with state of the art defences.

Enterprise Security 3.3

Security experts got to see live demos at the Splunk booth of the Splunk Enterprise platform as well as key apps including the Splunk App for Enterprise Security, PaloAlto, Fireye, Cisco Security and many more. They learned how to quickly identify, investigate, and respond to internal and external threats throughout their organization. Attendees of the conference were particularly interested in the STIX/TAXII and OpenIOC integration. If you want to learn more – here are some resources:

In their report, “An Analytics-based Approach to Cybersecurity,” Enterprise Strategy Group explains why organizations continue to experience costly data breaches and how some lack the right cybersecurity strategies, skills, processes, and technologies needed to best tackle cyberattacks. The report highlights two key areas of weakness – incident response and limitations of legacy SIEM solutions.

Incident response is a simple concept yet many companies felt they were weak in capabilities such as performing root cause analysis, scoping an outbreak to contain and remediate the infection and then determining how to prevent similar attacks in the future. This means that any attack that gets into the organization will have a good change to persist within that organization, and once the …

Presentation overview:
Virtualization and storage technologies go hand-in-hand. If performing poorly, they can have a serious impact on your applications’ performance and users’ experience. This presentation shows how Splunk can help you get unified visibility …

One of my all-time favorite Seinfeld episodes is the one where George will do anything to maintain his top score status on Frogger. But power supply and traffic get in the way – literally. Fast forward to today, and you have the same roadblocks, with different names — downtime and latency.

The Online Technology Group at Ubisoft (which makes popular games like Assassin’s Creed and Far Cry) uses Splunk Enterprise to help them monitor how Ubisoft game developers use their API to call various services, so they can identify the applications that are running slowly. The visibility that Splunk provides enables the Online Technology Group to identify and fix issues more quickly, enabling the game developers to deliver a better …

This is a familiar refrain in my home: “What’s on TV? Nothing? Ok, what about Netflix? Or Hulu? Have you seen the latest on Amazon Prime?” If you’re like me, you’d go to each service and search through each programming guide until you found a program you like. Or, you could use TiVo and search across all of the programming guides at once, saving yourself lots of time and trouble switching from one service to another.

For TiVo, this search capability – as well as other TiVo features — is critical to providing a seamless user experience for their 5M+ customers worldwide. Not just on TVs, but on tablets and smartphones too!TiVo uses Splunk to monitor the uptime …

In my last blog post entry, I talked about indexing radio stations’ playlists and described my reference implementation. This brings up a question whether the same approach can be used for indexing playlists for videos, not just songs. The answer is yes. One thing to keep in mind is that most people don’t spend time wondering what was the last video played on a certain web site or cable channel so that they can purchase it. In other words, discovering new videos on TV channels is not as popular an activity as discovering new songs on the radio. Nevertheless, it is a popular activity on the web. To try this out, I created two reference implementations that you can …

Put down that O’Reilly book about RegEx, quit googling, and saddle up! Ninja’s going Texas style today with a new video on Regular Expressions, or REGEX. Since Splunk is the ultimate swiss army knife for IT, or rather the “belt” in “blackbelt”, I wanted to share with you how I learned about Regex and some powerful ways to use it in your Splunk server.

I did have an O’Reilly book on Regex, and I have spent a great deal of time on the web looking up how to do regex. Still, I like the easy way, and since i’m a visual guy–to no surprise–I have found some great tools that help me. RegexBuddy by JGSoft and Reggy (free …

Today, http://splunk.tv is live at Amazon Start-Up at the Austin Music Hall. Tune in, the SplunkNinja will be talking about what we’ve been doing with Amazon’s Web Services in a number of capacities. This will be recorded, so if you can’t make it–tune in later. 3:10 PM CST.

Update: The recorded video from yesterday’s presentation at Amazon Startup is here:

Recently, I’ve been thinking long and hard about blogging. People get on my case because “the ninja hasn’t blogged lately”. They’re right. I do understand that when you have go so far as to actually establish some sort of audience–in my case–Splunk related content consumers, you owe it to them to keep the content up. In fact I do cherish the one thing any reader does give (which is the best possible gift)–your attention. You have my word I shall publish much more.

What I’d ultimately like to do is use something like Twitter to create microblog feeds that pipe directly in to WordPress, and are delivered to the blog as posts, or whatever. Technically Twitter competes–in a small way–with …

This episode gives our faithful and inquisitive viewers a behind-the-scenes look at the Splunk Ninja’s ghetto-tech operation. Some viewers have been wondering, how I put all of these videos together, what equipment to use and what software or websites to get started with. Covered in this no-holds-barred, blockbuster epic, multi-dollar budgeted, long form tutorial are:

My experiences in getting to this point.

Things for you to consider and many options.

Tools I use in my “anti-studio”.

Production, hosting, viewing and all that nonsense.

Its the longest video I’ve ever done. I really try to put content in front of the viewers that has substance, some level of staying power, relevance and most of all value for your attention–which I do …